PROFESSIONAL PACK Dir. 2014/53/EU Buy pack — €999
LIVE Enforcement tracker · Deadline dashboard · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL & 12 official sources View regulatory intelligence →

Delegated Regulation 2022/30 added cybersecurity to CE marking. Your 40+ clients with WiFi, BLE, or Zigbee products now need Art. 3.3 documentation. Each dossier takes 15 hours. With REDCheck, 20 minutes.

You are a CE marking consultancy managing product conformity for manufacturers of electronics and connected products — WiFi sensors, BLE wearables, Zigbee gateways, LoRa controllers, building automation, smart home devices. Delegated Regulation (EU) 2022/30 activates Article 3(3), points (d), (e) and (f) of Directive 2014/53/EU, requiring cybersecurity documentation for all internet-connected radio equipment. Your clients will ask you to handle it. REDCheck Professional Pack: 70 licenses, €999 one-time. 8 structured PDF documents per product. Generated in your browser in 20 minutes.

Buy pack — €999 See what each dossier includes

€999 · One-time · 70 dossiers · 8 PDFs each · Your data never leaves your browser

Built on Directive 2014/53/EU + Delegated Regulation (EU) 2022/30 · Art. 3.3(d)(e)(f) structure · Annex V mapped · EU Declaration of Conformity (Annex VI) · 100% browser-side — GDPR-native

The numbers that matter for your CE marking practice

You know product conformity. You manage RED, EMC, LVD, and RoHS for dozens of manufacturers. Since August 2025, every internet-connected radio product needs Art. 3.3 cybersecurity documentation on top of existing directives. The question is whether you can deliver it at scale without pulling senior engineers away from RF testing and EMC work.

70
Dossiers per pack. One license per product per manufacturer. Independent activation.
20 min
Per dossier — vs 15-20 hours of manual drafting for cybersecurity documentation.
8 PDFs
Per product. Applicability report, Annex V documentation, Art. 3.3(d)(e)(f) assessments, DoC, CE marking guidance.

Who uses the professional pack

REDCheck Professional Pack is built for professionals who manage product conformity across multiple directives and need to add Art. 3.3 cybersecurity documentation to their service offering.

🏷️
CE marking consultancies
Already managing RED, LVD, EMC, RoHS. Adding Art. 3.3(d)(e)(f) cybersecurity documentation as a new compliance layer.
📋
Product conformity agencies
Multi-directive compliance for electronics and IoT. Serving 30-60 manufacturers across the EU market with connected products.
🌍
Import compliance advisors
Supporting importers under Article 12 — verifying that non-EU manufacturers have cybersecurity documentation before market placement.
🔬
EMC and RF testing laboratories
Complementing test reports with structured Art. 3.3 documentation. Cybersecurity dossier alongside EMC, RF, and safety testing.

What documenting 70 clients costs — with and without the pack

Without the pack
€63,000+
Manual drafting: 70 clients × 15h × €60-100/h of senior engineer time
Or outsource to a cybersecurity consultant:
70 clients × €1,000-2,500 = €70,000-€175,000

Or enterprise SaaS platform:
€8,000-20,000/year + onboarding + integration
✓ REDCheck Professional Pack
€999
One payment. 70 dossiers. 20 minutes each.
Total time: 70 × 20 min = ~23 hours
No subscription. No vendor dependency.
No cybersecurity expertise required.

What this pack actually changes in your practice

Three inputs. Four answers. No signup required.

One license per product
Current time without the tool
Internal cost — not billing rate
×45
Capacity multiplier
Same person. Same hours. More output.
587h
Hours returned to advisory work
Time that goes back to billable engagements
€60,000
Cost of doing it manually
Professional time — documentation alone
First dossier delivered the same day. No setup. No onboarding. No integration project.
Ready on day one
Buy pack — €999
€999 one-time · No subscription · No vendor dependency · Enterprise SaaS alternative: €15,000–30,000/year + weeks of setup

What each dossier includes: 8 structured documents

Every license generates a complete Art. 3.3 cybersecurity documentation package. Each document cites the specific article of Directive 2014/53/EU and Delegated Regulation (EU) 2022/30 it complies with.

1

Art. 3.3 Applicability Report

Determines which points apply to the product: (d) network protection, (e) privacy and data protection, (f) fraud protection. Based on Delegated Regulation (EU) 2022/30, Articles 1 and 2.

2

Technical Documentation (Annex V)

Complete technical file structure for cybersecurity aspects. Product description, design, development methodology. Article 21 of Directive 2014/53/EU.

3

Network Protection Assessment

Art. 3.3(d) — radio equipment does not harm the network or its functioning nor misuse network resources. Aligned with EN 18031-1.

4

Privacy & Data Protection Assessment

Art. 3.3(e) — safeguards for personal data and privacy of user and subscriber. Aligned with EN 18031-2.

5

Anti-Fraud Assessment

Art. 3.3(f) — features ensuring protection from fraud when the equipment enables monetary transfers. Aligned with EN 18031-3.

6

EU Declaration of Conformity

Per Annex VI of Directive 2014/53/EU. Manufacturer identification, product identification, applicable essential requirements, conformity assessment reference.

7

Simplified EU Declaration of Conformity

Per Annex VII of Directive 2014/53/EU. Short-form declaration with URL reference to the full Declaration of Conformity. Article 10.9.

8

CE Marking Guidance Sheet

Printable label with CE marking, manufacturer contact details, product identification. Articles 19 and 20 of Directive 2014/53/EU.

See before you buy — Download sample dossier (PDF, fictional company) — Real structure, real articles, real format. Fictional data.

How it works — four steps

1
Buy the pack
70 license codes delivered by email via Gumroad. One payment. No subscription.
2
Activate a license
Each license has its own code. Activate when needed. 30-day editing window per license from first activation.
3
Generate the dossier
15-20 minutes. Guided form with references to every article. The client does not need access to the tool.
4
Deliver to the client
8 PDFs in a ZIP file. Structured, article-by-article. Complements the existing CE marking technical file.

Three mistakes that cost CE marking firms time and clients

Pattern 1 — Drafting Art. 3.3 dossiers with existing RED and EMC templates

Cybersecurity documentation has its own structure

RED radio testing documentation (EMC per EN 55032, RF measurements, safety per EN 62368-1) does not map to the cybersecurity requirements of Article 3(3)(d)(e)(f). EN 18031 defines network protection, privacy safeguards, and anti-fraud requirements that have no equivalent in existing directive templates. A conformity assessment built on EMC or safety templates will miss the Art. 3.3 structure entirely.

Pattern 2 — Assuming existing CE marking covers cybersecurity

A CE marking certificate based on RED radio does not equal Art. 3.3 compliance

Delegated Regulation (EU) 2022/30 activated Article 3(3)(d)(e)(f) as separate essential requirements. A product can be fully compliant with RED radio, EMC, and LVD requirements and still have zero cybersecurity documentation. Market surveillance authorities verify Art. 3.3 compliance independently from existing directives.

Pattern 3 — Telling clients to find a cybersecurity firm for Art. 3.3

If the client goes elsewhere for cybersecurity, the whole account follows

A CE marking consultancy that cannot offer Art. 3.3 documentation forces the client to find a second provider. That second provider will offer to handle all directives — RED, EMC, LVD, and cybersecurity together. The client leaves not because of price, but because of convenience. Art. 3.3 is a retention risk for the entire service portfolio.

Documentation and implementation: two layers

● LAYER 1 — What REDCheck does

Art. 3.3 cybersecurity documentation

8 structured PDF documents per product. Network protection assessment (Art. 3.3(d)), privacy and data protection assessment (Art. 3.3(e)), anti-fraud assessment (Art. 3.3(f)), Declaration of Conformity, CE marking guidance. Generated from input data in 20 minutes. Article-by-article traceability to Directive 2014/53/EU and Delegated Regulation (EU) 2022/30.

∅ LAYER 2 — What REDCheck does not do

Security testing and product implementation

Penetration testing, firmware security analysis, encryption implementation, secure boot configuration, EN 18031 laboratory testing, vulnerability scanning, SBOM generation from source code. These are implementation-level services. REDCheck documents the cybersecurity posture — it does not create it.

REDCheck structures and documents. The consultancy advises on conformity and coordinates implementation. The two layers complement each other.

What your clients face without documentation

These are the consequences under Directive 2014/53/EU for radio equipment that does not comply with the essential requirements of Article 3(3). This is the argument to present when a client asks why Art. 3.3 cybersecurity documentation is necessary on top of existing CE marking.

🇪🇺
Product withdrawal or recall by market surveillance
Market access blocked

Article 40 of Directive 2014/53/EU. Market surveillance authorities can require corrective measures, withdrawal from the market, or product recall for non-compliant radio equipment.

🇪🇺
National penalties — effective, proportionate, and dissuasive
Set by each Member State

Article 46 of Directive 2014/53/EU. Member States impose penalties for non-compliance, which may include criminal penalties for serious infringements.

🇪🇺
Formal non-compliance — CE marking blocked
Market prohibition

Article 43 of Directive 2014/53/EU. Missing or incomplete technical documentation, absent EU Declaration of Conformity, or improper CE marking triggers formal non-compliance proceedings and prohibition from the market.

The clients face these consequences. The consultancy offers the documentation that prevents them.

Alternatives for documenting 70 clients

OptionCost for 70 clientsTotal timeOutput quality
Manual drafting (Word templates)Professional time only1,050+ hoursVariable, no Art. 3.3-specific structure
Outsource to cybersecurity firm€70,000-€175,000Depends on providerHigh, but cost-prohibitive at scale
Enterprise SaaS platform€8,000-€20,000/year2-4 weeks setupHigh, requires integration
REDCheck Professional Pack€999 (one-time)~23 hours totalStructured, Art. 3.3(d)(e)(f), article-by-article

What REDCheck guarantees and what it does not

REDCheck generates a structured documentation package covering Article 3(3), points (d), (e) and (f) of Directive 2014/53/EU, as activated by Delegated Regulation (EU) 2022/30, according to Article 21 and Annex V, from the information that the user enters. The truthfulness, accuracy and completeness of that information is the responsibility of the manufacturer — or of the consultant entering data on their behalf.

We guarantee that the document structure follows Annex V of Directive 2014/53/EU and that the legal references cited are correct as of the latest verification date. We do not guarantee that a specific document will be accepted by a market surveillance authority in a specific case, nor by a commercial buyer in a procurement process.

REDCheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.

Frequently asked questions — professional pack

How do the 70 licenses work?
Each license is activated with a unique code and is associated with one specific product and manufacturer. One license equals one Art. 3.3 cybersecurity documentation dossier. The 70 licenses are used independently. They do not expire as a block — each one has its own 30-day editing window from its individual first activation.
Can I request a refund?
The pack is a digital product governed by Article 16(m) of Directive (EU) 2011/83 on consumer rights. By activating the first license and expressly confirming PDF generation, the buyer consents to the downloadable digital content nature of the product and waives the right of withdrawal. Refunds are accepted only for reproducible technical failures (generator error, PDF that does not download, verifiable bug) within 14 calendar days of purchase.
What if the regulation changes?
Unused licenses will generate the dossier using the updated version of the generator at no additional cost. REDCheck is updated within 48 hours of any regulatory change published in the Official Journal of the European Union.
Do I need legal expertise to use the tool?
No. The generator guides step by step with references to each article of Directive 2014/53/EU and Delegated Regulation (EU) 2022/30. The user enters the product data — manufacturer details, product description, radio technology, connectivity, security features, data processing activities. The tool structures the dossier according to Annex V. It does not replace legal advice but reduces documentation time from hours to minutes.
I already document RED radio testing (RF, EMC, safety). Does REDCheck cover the radio aspects too?
No. REDCheck specifically covers the cybersecurity documentation required under Article 3(3), points (d), (e) and (f) of Directive 2014/53/EU, as activated by Delegated Regulation (EU) 2022/30. Existing RED radio testing — RF measurements, EMC testing per EN 55032/EN 55035, safety assessment per EN 62368-1 — remains separate and is not affected. REDCheck adds the cybersecurity documentation layer that became mandatory for internet-connected radio equipment since August 2025. The output complements the existing CE marking technical file — it does not replace it.
My clients make WiFi, BLE, and Zigbee products. Does Art. 3.3(d) apply to all of them?
Article 3(3), point (d) applies to any radio equipment that can communicate over the internet, whether directly or via other equipment — as defined in Article 1(1) of Delegated Regulation (EU) 2022/30. WiFi devices communicate directly with the internet and are clearly in scope. BLE and Zigbee devices typically communicate via a gateway or hub that connects to the internet. If that gateway is internet-connected, the BLE or Zigbee device is considered internet-connected radio equipment under the regulation. In practice, most modern connected products — sensors, smart home devices, wearables, building automation controllers, industrial IoT gateways — fall within scope.

Official legal sources

Directive 2014/53/EU — Radio Equipment Directive (EUR-Lex) Commission Delegated Regulation (EU) 2022/30 — supplementing Directive 2014/53/EU on Art. 3.3(d)(e)(f) (EUR-Lex)
⚠️ Important notice: REDCheck is a self-assessment documentation tool, not legal advice and not a third-party audit. The documents are generated from your input data. You are responsible for the accuracy of the data you provide. REDCheck does not replace a qualified professional assessment.

Delegated Regulation (EU) 2022/30 has been in force since August 2025. Your clients already need RED, EMC, and LVD. The question is whether you add Art. 3.3 cybersecurity documentation to your service — or a competitor does.

70 licenses. 8 PDF documents per product. Art. 3.3(d)(e)(f) structure. Browser-side. One payment.

€999 one-time
70 dossiers · 20 minutes per client · One payment · Directive 2014/53/EU + Delegated Regulation (EU) 2022/30
Buy REDCheck Professional Pack — €999

Related

PROFESSIONAL PACK

RED cybersecurity documentation tool for IoT security consultancies
PROFESSIONAL PACK

RED cybersecurity documentation tool for authorised representative services
INDIVIDUAL LICENSE

REDCheck — single license from €99